Mobile station, position management apparatus, mobile communication system and communication method

ABSTRACT

A system includes a subscription storage that stores a group identifier for identifying a home base station  60  and the service available for a UE  70  as subscription information, in correspondence with a mobile terminal identifier for identifying UE  70 ; a positional information update request receiver for receiving a positional information update request of UE  70  from an MME  40 ; and a positional information response transmitter that extracts the available service corresponding to the mobile terminal included in the positional information update request, from the subscription storage and transmits a positional information update response included with the extracted service to MME  40 . With this configuration, it is possible to provide a mobile communication system or the like in which, for a plurality of services provided through local IP access functionality of a home base station, the owner of a home base station or the mobile network operator can designate the access right for each of the services, and forwarding of communication data and communication path selection can be done based on the designated access right.

This application is a Continuation of co-pending U.S. application Ser.No. 13/380,246 filed Dec. 22, 2011, which is a U.S. National Phasefiling of International Application No. PCT/JP2010/060563, filed on Jun.22, 2010, which claims benefit of priority under 35 U.S.C. 119(a) toJapanese Patent Application No. 2009-152002 filed in Japan on Jun. 26,2009, all of which are hereby expressly incorporated by reference intothe present application.

TECHNICAL FIELD

The present invention relates to a mobile communication system and thelike.

BACKGROUND ART

Mobile communication system standardization group, 3GPP (The 3rdGeneration Partnership Project) is investigating EPS (Evolved PacketSystem) as a next generation mobile telecommunication system, andstudying HeNB (Home eNodeB) as a small base station installed in aresidence or the like as an EPS configurational apparatus (which will bereferred to hereinbelow as home base station).

The home base station forms a small-scale wireless cell called afemtocell, which accommodates UEs (User Equipment: mobile terminaldevices) using the same wireless access technique as that of a normalbase station and establishes connection to the core network of themobile communication system via a broadband line to be able to relaycommunication data of UEs accommodated therein.

Since the home base station uses the broadband line as backhaul and canbe set by a general user, it is possible to easily extend the coveragearea of the mobile communication system, especially the indoor coveragearea. Further, since the radius of the cell is small and the cell can beexclusively used by a few users, it is possible to expect improvement incommunication speed and frequency usage efficiency compared to anoutdoor macro cell base station which a large number of users have toshare.

Further, in non-patent document 2, local IP access function is definedas a functional requirement of a home base station. The local IP accessis to provide for UEs connectivity to the network such as a networkinside the home (which will be referred to hereinbelow as “homenetwork”) to which the home base station is connected directly. Forexample, this enables a UE to connect another information terminal(printer etc.) that is connected to the home network (this will becalled hereinbelow “home network connection service”), and also enablesthe UE to connect to the internet without passage of the core network ofthe mobile communication system (this will be called hereinbelow“internet connection service”).

Conventionally, if a UE performs direct communication with an appliancehaving no cellular communication interface such as a printer or thelike, the UE needs to have a local area-use communication interface suchas a wireless LAN etc. However, use of local IP access enables even a UEthat has a cellular communication interface only to performcommunication with other communication terminals within the home networkbecause the home base station functions as a gateway between differentwireless access schemes.

Since use of local IP access also makes it possible to connect to theinternet without passage of the core network of the mobile communicationsystem, it is possible to distribute traffic load (offload), from theperspective of the mobile network operator.

Further, differing from a macrocell base station, the home base stationcan give access right only to a particular UE based on the form of theusage, three access modes called closed, open and hybrid are defined.Each home station is allotted with a group identifier called CSGID(Closed Subscriber Group Identification). In the closed mode, the homebase station can designate UEs to be permitted to connect for everyCSGID. In the open mode, the home base station can give the right ofaccess to the home base station to all UEs. In the hybrid mode, which isa combination of the closed mode and open mode, communication of UEsthat are given with access right in closed mode can be handledpreferentially.

Further, concerning local IP access, it is defined as a requisite thatwhether or not the user is permitted to use this function should bedetermined based on the user's subscription information. It is alsoruled as a functional requisite that a UE can use local IP access andconnection to the core network simultaneously when the UE is connectingto the home base station.

Moreover, non-patent document 3 discloses architecture candidates forembodying a home base station.

Further, in order to realize local IP access functionality of a homebase station, non-patent document 4 proposes a configuration in whichwhen communication data is directed to the internet or home network, thehome base station forwards the communication data without passing thoughthe core network of the mobile communication system in accordance withthe destination of the communication data received from the home basestation.

PRIOR ART DOCUMENTS Non-Patent Documents

-   Non-patent Document 1: 3GPP TS23.401 General Packet Radio Service    (GPRS) enhancements for Evolved Universal Terrestrial Radio Access    Network (E-UTRAN) access-   Non-patent Document 2: 3GPP TS 22.220-   Non-patent Document 3: 3GPP TS 23.830-   Non-patent Document 4: 3GPP Contribution S2-093803 (Local IP access    principles for single PDN connection solutions)

SUMMARY OF THE INVENTION Problems to be Solved by the Invention

According to the information disclosed in non-patent document 3, accesscontrol at the home base station is determined depending on theaforementioned three access modes and the subscription information basedon which whether the local IP access function is permitted to use isdetermined. However, if the usage scenario of the home base station isconsidered, it is desirable that the owner of the home base station orthe mobile network operator can designate access right in more detail asdescribe below.

Suppose, for example, a case in which a home base station is set in ahome, there is a demand that the family may offer a friend, who visitsthe residence, only the internet connection service through local IPaccess but does not want to permit the friend to use home networkconnection service in view of privacy and security.

Suppose another case in which a home base station is installed in ashopping mall etc., there is a demand that an advertisement distributionserver for distributing advertisement information and the like isinstalled in the home network so as to allow visiting customers toaccess only the home network connection service through local IP accessand so as to provide a connection with an advertisement server, but notto allow them to access internet connection service.

However, because the access control based on the aforementioned accessmode and the subscription information themselves cannot offer the schemeto separately designate access right as to a plurality of services thatare available through local IP access, there is the problem that theaforementioned usage scenario cannot be realized.

Further, when a UE uses local IP access, not only the communication datathe UE transmits by way of the home base station but also thecommunication data transmitted from another information terminalconnected to the home network, to the UE should be limited as toconnection depending on the access right.

For example, communication from the information terminal to a UE that isnot permitted to access home network connection service should be shutoff, whereas if the UE in question is authorized to use internetconnection service by way of local IP access, the communication datacorresponding to that should be normally transferred to the UE. However,due to the above-described access right problem, it is impossible tofilter these packets as it stands.

In addition, a home base station is one that is introduced as afunctional extension of the existing mobile communication system, so itis desirable that the change to the current specification is minimized.Accordingly, the specific means for solving the above problems also hasto be realized by providing the minimum functional extension to the EPSruled by the non-patent document 1.

The present invention has been devised in view of the abovecircumstances, it is therefore an object of the present invention toprovide a home base station, a mobile communication system and the likein which, for a plurality of services provided using local IP accessfunctionality of a home base station, the owner of the home base stationor the mobile network operator can designate the access right for eachservice, and transfer and communication path selection of communicationdata can be performed based on the designated access right.

Means for Solving the Problems

In view of the above problems, a mobile station of the present inventionis a mobile station in a mobile communication system including a homebase station (HeNB; Home eNode B), a subscriber information managementapparatus (HSS; Home Subscriber Service), a position managementapparatus (MME; Mobility Management Entity), an access control apparatus(PGW; Packet data GW) and the mobile station (UE; User Equipment),wherein

in order to make a request for establishment of a communication path forlocal IP access (LIPA) to connect to a home network, a signal relatingto an attach procedure is transmitted to a position managementapparatus.

The mobile station of the present invention is also characterized inthat the signal relating to the attach procedure includes an APN.

The mobile station of the present invention is further characterized inthat the communication path is established between the mobile stationand a home base station.

A position management apparatus of the present invention is a positionmanagement apparatus in a mobile communication system including a homebase station (HeNB; Home eNode B), a subscriber information managementapparatus (HSS; Home Subscriber Service), the position managementapparatus (MME; Mobility Management Entity), an access control apparatus(PGW; Packet data GW) and a mobile station (UE; User Equipment), wherein

a subscriber information management apparatus stores information onwhether local IP access (LIPA) to connect to a home network is allowedor not,

the position management apparatus receives a signal relating to anattach procedure including an APN (Access Point Name), from a mobilestation,

confirms, based on the information offered by the subscriber informationmanagement apparatus, that the APN provided from the mobile station isallowed for the local IP access to connect to the home network, and,

determines whether establishment of a communication path for the localIP access to connect to the home network should be allowed or not.

The position management apparatus of the present invention is alsocharacterized in that the subscription information management apparatusstores a list of a CSG ID in subscription data, and the positionmanagement apparatus determines whether establishment of thecommunication path should be allowed or not, also using the list of theCSG ID obtained from the subscriber information management apparatus.

The position management apparatus of the present invention is furthercharacterized in that when establishment of the communication path isallowed, the position management apparatus transmits an attachmentpermission to the mobile station in order to establish the communicationpath.

A position management apparatus of the present invention is a positionmanagement apparatus in a mobile communication system including a homebase station (HeNB; Home eNode B), a subscriber information managementapparatus (HSS; Home Subscriber Service), the position managementapparatus (MME; Mobility Management Entity), an access control apparatus(PGW; Packet data GW) and a mobile station (UE; User Equipment), wherein

a subscriber information management apparatus stores information onwhether local IP access (LIPA) to connect to a home network is allowedor not,

when having received a signal relating to an attach procedure includingan APN, from a mobile station, and confirmed, based on the informationoffered by the subscriber information management apparatus, that the APNprovided from the mobile station is not allowed for the local IP accessto connect to the home network, the position management apparatus willnot allow for establishment of a communication path for the local IPaccess to connect to the home network.

A mobile communication system of the present invention is a mobilecommunication system including a home base station (HeNB; Home eNode B),a subscriber information management apparatus (HSS; Home SubscriberService), a position management apparatus (MME; Mobility ManagementEntity), an access control apparatus (PGW; Packet data GW) and a mobilestation (UE; User Equipment), wherein

in order to make a request for establishment of a communication path forlocal IP access (LIPA) to connect to a home network, the mobile stationtransmits a signal relating to an attach procedure to the positionmanagement apparatus.

The mobile communication system of the present invention ischaracterized in that the signal relating to the attach procedureincludes an APN.

The mobile communication system of the present invention ischaracterized in that the communication path is established between themobile station and the home base station.

A mobile communication system of the present invention is a mobilecommunication system including a home base station (HeNB; Home eNode B),a subscriber information management apparatus (HSS; Home SubscriberService), a position management apparatus (MME; Mobility ManagementEntity), an access control apparatus (PGW; Packet data GW) and a mobilestation (UE; User Equipment), wherein

the subscriber information management apparatus stores information onwhether local IP access (LIPA) to connect to a home network is allowedor not,

the position management apparatus receives a signal relating to anattach procedure including an APN, from the mobile station,

confirms, based on the information offered by the subscriber informationmanagement apparatus, that the APN provided from the mobile station isallowed for the local IP access to connect to the home network, and,

determines whether establishment of a communication path for the localIP access to connect to the home network should be allowed or not.

The mobile communication system of the present invention is alsocharacterized in that the subscription information management apparatusstores a list of a CSG ID in subscription data, and the positionmanagement apparatus determines whether establishment of thecommunication path should be allowed or not, also using the list of theCSG ID obtained from the subscriber information management apparatus.

The mobile communication system of the present invention is furthercharacterized in that when establishment of the communication path isallowed, the position management apparatus transmits an attachmentpermission to the mobile station in order to establish the communicationpath.

A mobile communication system of the present invention is a mobilecommunication system including a home base station (HeNB; Home eNode B),a subscriber information management apparatus (HSS; Home SubscriberService), a position management apparatus (MME; Mobility ManagementEntity), an access control apparatus (PGW; Packet data GW) and a mobilestation (UE; User Equipment), wherein

the subscriber information management apparatus stores information onwhether local IP access (LIPA) to connect to a home network is allowedor not,

when having received a signal relating to an attach procedure includingan APN, from the mobile station, and confirmed, based on the informationoffered by the subscriber information management apparatus, that the APNprovided from the mobile station is not allowed for the local IP accessto connect to the home network, the position management apparatus willnot allow for establishment of a communication path for the local IPaccess to connect to the home network.

A communication method of the present invention a communication methodin a mobile station of a mobile communication system including a homebase station (HeNB; Home eNode B), a subscriber information managementapparatus (HSS; Home Subscriber Service), a position managementapparatus (MME; Mobility Management Entity), an access control apparatus(PGW; Packet data GW) and a mobile station (UE; User Equipment), wherein

in order to make a request for establishment of a communication path forlocal IP access (LIPA) to connect to a home network, a signal relatingto an attach procedure is transmitted to a position managementapparatus.

A communication method of the present invention is a communicationmethod in a position management apparatus of a mobile communicationsystem including a home base station (HeNB; Home eNode B), a subscriberinformation management apparatus (HSS; Home Subscriber Service), theposition management apparatus (MME; Mobility Management Entity), anaccess control apparatus (PGW; Packet data GW) and a mobile station (UE;User Equipment), wherein the subscriber information management apparatusstores information on whether local IP access (LIPA) to connect to ahome network is allowed or not, comprising the steps of:

receiving a signal relating to an attach procedure including an APN froma mobile station;

confirming, based on information offered by a subscriber informationmanagement apparatus, that the APN provided from the mobile station isallowed for local IP access to connect to a home network; and,

determining whether establishment of a communication path for the localIP access to connect to the home network should be allowed or not.

A communication method of the present invention is a communicationmethod in a position management apparatus of a mobile communicationsystem including a home base station (HeNB; Home eNode B), a subscriberinformation management apparatus (HSS; Home Subscriber Service), theposition management apparatus (MME; Mobility Management Entity), anaccess control apparatus (PGW; Packet data GW) and a mobile station (UE;User Equipment), wherein the subscriber information management apparatusstores information on whether local IP access (LIPA) to connect to ahome network is allowed or not, comprising the steps of:

receiving a signal relating to an attach procedure including an APN,from a mobile station; and,

when having confirmed, based on information offered by a subscriberinformation management apparatus, that the APN provided from the mobilestation is not allowed for local IP access to connect to a home network,

disallowing establishment of a communication path for the local IPaccess to connect to the home network.

Advantage of the Invention

According to the present invention, when a mobile terminal apparatususes service using local IP access functionality of a base station, theowner of the home base station or the mobile network operator canperform access control separately for each service while minimizing themodification of the existing system.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a schematic diagram showing a mobile communication system inthe first embodiment.

FIG. 2 is a block diagram of a PGW in the first embodiment.

FIG. 3 is a chart showing binding information of the PGW in the firstembodiment.

FIG. 4 is a block diagram of a SGW in the first embodiment.

FIG. 5 is a block diagram of a HSS in the first embodiment.

FIG. 6 is a chart showing one example of a subscription DB of the HSS inthe first embodiment.

FIG. 7 is a block diagram of an MME in the first embodiment.

FIG. 8 is a chart showing one example of a subscription DB of the MME inthe first embodiment.

FIG. 9 is a chart showing one example of an APN-IP address translationDB of the MME in the first embodiment.

FIG. 10 is a block diagram of a GW in the first embodiment.

FIG. 11 is a block diagram showing a home base station in the firstembodiment.

FIG. 12 is a chart showing one example of an address translation DB inthe home base station in the first embodiment.

FIG. 13 is a chart showing one example of packet filtering informationof the home base station in the first embodiment.

FIG. 14 is a chart showing one example of an IP address pool of the homebase station in the first embodiment.

FIG. 15 is a block diagram of a UE in the first embodiment.

FIG. 16 is a chart showing one example of a UE's APN list in the firstembodiment.

FIG. 17 is a block diagram of an information terminal in the firstembodiment.

FIG. 18 is a diagram showing a sequence example of a registering processof the home base station in the first embodiment.

FIG. 19 is a diagram showing a sequence example of a UE's process ofattachment to the home base station in the first embodiment.

FIG. 20 is a diagram showing a sequence example of a UE's PDN connectionestablishment process in the first embodiment.

FIG. 21 is a diagram showing a flow chart of MME's access rightdetermining process in the first embodiment.

FIG. 22 is a diagram showing a flow chart of a communication path setupprocess at the home base station in the first embodiment.

FIG. 23 is a diagram showing a flow chart of a communication path setupprocess at the home base station in the first embodiment.

FIG. 24 is a block diagram showing the home base station in the secondembodiment.

FIG. 25 is a chart showing one example of access right information atthe home base station in the second embodiment.

FIG. 26 is a diagram showing a sequence example of a UE's PDN connectionestablishment process in the second embodiment.

MODES FOR CARRYING OUT THE INVENTION

Next, the best mode for carrying out the present invention will bedescribed with reference to the drawings. In the embodied modes, theembodiment of a mobile communication system to which the presentinvention is applied will be detailed as an example with reference tothe drawings.

1. The First Embodiment

To begin with this, the first embodiment of a mobile communicationsystem to which the present invention is applied will be described withreference to the drawings.

[1.1 Outline of Mobile Communication System]

FIG. 1 is a diagram for illustrating the outline of a mobilecommunication system 1 in the present embodiment. As shown in thisfigure, mobile communication system 1 is composed of a core network anda home network, the core network and the home network being mutuallyconnected via a broadband access network. The broadband access networkis a wired access network for realizing broadband communication, and isconstructed by, for example ADSL, optical fibers and the like. However,not limited to this, the broadband access network may be a wirelessaccess network such as WiMAX or the like.

The core network includes a PGW 10 (Packet data GW), a SGW 20 (ServingGW), an HSS 30 (Home Subscriber Service), an MME 40 (Mobility ManagementEntity) and GW 50.

PGW 10 is an access control apparatus which is connected to foreign PDNs(Packet Data Network: packet communication network) such as the internetand the like, functions as a gateway for connecting the core networkwith those PDNs and transfers communication data of a UE 70 to SGW 20.

SGW 20 is a service control apparatus that is connected to GW 50 totransfer packets between PGW 10 and home base station 60. Here, itshould be noted that PGW 10 and SGW 20 may be physically configured asan identical node.

MME 40 is an entity for performing signaling and is a positionmanagement apparatus for leading position management of UE 70 and an EPSbearer establishment process. The EPS bearer is a logical path that isestablished between home base station 60 and SGW 20 for every UE totransfer user IP packets. Here, UE 70 is able to establish a pluralityof EPS bearers.

GW 50 functions as a gateway between home base station 60 installedinside the home network and the apparatuses inside the core network.

HSS 30 is a subscriber information management apparatus that managessubscription data (subscriber information) and performs userauthentication and the like to notify MME 40 of the subscription data ofUE 70. The subscription data includes subscriber's service subscriptioninformation, the list of CSGIDs that are allowed to access, and others.

The home network is composed including UE 70, information terminal 80and home base station 60. The home network is mutually connected toforeign PDNs via broadband access network.

Home base station 60 is an apparatus that forms a femtocell andaccommodates UE 70 as a 3GPP LTE (Long Term Evolution) base station.Further, this also functions as a home gateway in the home network andis connected to the broadband access network.

UE 70 is a mobile communication terminal equipped with a 3GPP LTEcommunication interface and is connected to home network 60.

Information terminal 80 is an information terminal connected to the homenetwork; examples including printers, network file servers, etc.

[1.2 Apparatus Configuration]

Next, the configuration of each apparatus will be briefly describedusing the drawings.

[1.2.1 PGW Configuration]

First, the configuration of PGW 10 in the present embodiment will bedescribed. As shown in FIG. 2, PGW 10 includes a controller 100 to whicha transmitting/receiving unit 110, a packet transmitting/receiving unit120, a storage 150 and a PMIP processor 160 are connected by a bus.

Controller 100 is a functional unit for controlling PGW 10. Thecontroller reads out and runs various programs stored in storage 150 tothereby realize various processes.

Transmitting/receiving unit 110 is a functional unit that iswire-connected to a router or a switch to perform transmission andreception of packets. Transmission and reception of packets is performedthrough, for example, Ethernet (registered trademark), which isgenerally used as a network connecting standard, or the like.

Storage 150 is a functional unit that stores programs, data and the likenecessary for various operations of PGW 10, and is configured of, forexample semiconductor memory and the like. Storage 150 also storesbinding information 152.

Binding information 152 is the information which PGW 10 uses whenreceiving communication data (packet) addressed to UE 70, to determinethe transmission path for forwarding the communication data to UE 70.FIG. 3 shows one example of binding information.

As shown in FIG. 3, the IP address prefix (which will be referred tohereinbelow as “HNP (Home Network Prefix)” of UE 70 and the transmissionpath to SGW 20 (e.g., “PMIP tunnel 1”) are recorded in a correlatedmanner. Here, it is assumed that each UE is allotted with a unique HNP,which is used to generate IPv6 address for UE.

Packet transmitting/receiving unit 120 is a functional unit fortransmitting and receiving specific data (packets). The packettransmitting/receiving unit decomposes the data received from thesuperior layer into packets so as to be transmitted. The packettransmitting/receiving unit also realizes the function of transferringthe received packets to the superior layer.

PMIP processor 160 is a functional unit for establishing a transmissionpath (called PMIP tunnel) used between PGW 10 and SGW 20.

[1.2.2 SGW Configuration]

Next, the configuration of SGW 20 in the present embodiment will bedescribed. As shown in FIG. 4, SGW 20 includes a controller 200 to whicha transmitting/receiving unit 210, a storage 250, a bearer establishmentprocessor 270, a packet transmitting/receiving unit 220 and a PMIPprocessor 260 are connected by a bus.

Controller 200 is a functional unit for controlling SGW 20. Thecontroller 200 reads out and runs various programs stored in storage 250to thereby realize various processes.

Transmitting/receiving unit 210 is a functional unit that iswire-connected to a router or a switch to perform transmission andreception of packets. Transmission and reception of packets is performedthrough, for example, Ethernet (registered trademark), which isgenerally used as a network connecting standard, or the like.

Storage 250 is a functional unit that stores programs, data and the likenecessary for various operations of SGW 20.

Bearer establishment processor 270 is a functional unit that implementsa process for establishing an EPS bearer.

Packet transmitting/receiving unit 220 is a functional unit fortransmitting and receiving specific data (packets). The packettransmitting/receiving unit decomposes the data received from thesuperior layer into packets so as to be transmitted. The packettransmitting/receiving unit also realizes the function of transferringthe received packets to the superior layer.

PMIP processor 260 is a functional unit for establishing a PMIP tunnelin between PMIP processor 260 and PGW10.

[1.2.3 HSS Configuration]

Next, the configuration of HSS 30 in the present embodiment will bedescribed. As shown in FIG. 5, HSS 30 includes a controller 300 to whicha transmitting/receiving unit 310 and a storage 350 are connected by abus.

Controller 300 is a functional unit for controlling HSS 30. Thecontroller 300 reads out and runs various programs stored in storage 350to thereby realize various processes.

Transmitting/receiving unit 310 is a functional unit that iswire-connected to a router or a switch to perform transmission andreception of packets. Transmission and reception of packets is performedthrough, for example, Ethernet (registered trademark), which isgenerally used as a network connecting standard, or the like.

Storage 350 is a functional unit that stores programs, data and the likenecessary for various operations of HSS 30. The storage 350 furtherstores a subscription DB (database) 352 that holds subscriberinformation.

Here, FIG. 6 shows one example of subscription DB 352. Subscription DB352 records, for UEs managed by mobile communication system 1, the UE'sidentifier (e.g., “UE1” generated from IMSI (International MobileSubscriber Identify: subscriber identification information) and thelike), the CSGID (e.g., “CSGID2”) representing the group identifierallotted to home base station 60 which the UE is allowed to access, andeither “allowed” or “disallowed”, i.e., the status of the availabilityof service (e.g., “class 1: internet connection service” and “class 2:home network connection service”) through the local IP access.

Further, it is assumed that the owner of home base station 60 or theoperator of mobile communication system 1 can access subscription DB 352and to which UE what kind of access right information is provided forevery CSGID that is allotted to owned home base station 60.

Controller 300 offers information from subscription DB 352 stored instorage 350, in response to a request from MME 40.

[1.2.4 MME Configuration]

Next, the configuration of MME 40 in the present embodiment will bedescribed. As shown in FIG. 7, MME 40 is connected with atransmitting/receiving unit 410 and a storage 450 by a bus.

Controller 400 is a functional unit for controlling MME 40. Thecontroller 400 reads out and runs various programs stored in storage 450to thereby realize various processes.

Transmitting/receiving unit 410 is a functional unit that iswire-connected to a router or a switch to perform transmission andreception of packets. Transmission and reception of packets is performedthrough, for example, Ethernet (registered trademark), which isgenerally used as a network connecting standard, or the like.

Storage 450 is a functional unit that stores programs, data and the likenecessary for various operations of MME 40. Storage 450 is furtherrecorded with a subscription DB 452 for temporarily storing subscriberinformation and an APN-IP address translation DB 454.

FIG. 8 is a chart showing one example of subscription DB 452. Thestructure of the database is the same as that of subscription DB 352held by HSS 30 as shown in FIG. 6. However, information on UEs to bemanaged by the MME 40 only is temporarily stored.

FIG. 9 is a chart showing one example of APN-IP address translation DB454. As shown in FIG. 9, the database is one that holds a translationtable relating an APN (e.g., “WEB”) to the IP addresses of PGW 10 andSGW 20 (e.g., “2001:200:1::1” and “2001:200:2::1).

[1.2.5 GW Configuration]

Next, the configuration of GW 50 in the present embodiment will bedescribed. As shown in FIG. 10, GW 50 includes a controller 500 to whicha transmitting/receiving unit 510, a packet transmitting/receiving unit520 and a storage 550 are connected by a bus.

Herein, communication between MME 40 and home base station 60 andbetween SGW 20 and home base station 60 is performed by way of GW 50.

Controller 500 is a functional unit for controlling GW 50. Thecontroller 500 reads out and runs various programs stored in storage 550to thereby realize various processes.

Transceiver 510 is a functional unit that is wire-connected to a routeror a switch to perform transmission and reception of packets.Transmission and reception of packets is performed through, for example,Ethernet (registered trademark), which is generally used as a networkconnecting standard, or the like.

Packet transmitting/receiving unit 520 is a functional unit fortransmitting and receiving specific data (packets). The packettransmitting/receiving unit decomposes the data received from thesuperior layer into packets so as to be transmitted. The packettransmitting/receiving unit also realizes the function of transferringthe received packets to the superior layer. Storage 550 is a functionalunit for storing programs, data and the like necessary for variousoperations of the GW.

[1.2.6 Home Base Station Configuration]

Next, the configuration of home base station 60 in the presentembodiment will be described. FIG. 11 is a diagram for illustrating theconfiguration of home base station 60, and includes a controller 600, towhich a NAT (Network Address Translation) unit 610, an LTE base stationunit 630, a storage 650, a home network interface unit 660 and aninterface unit 670 used for broadband access network are connected by abus.

Controller 600 is a functional unit for controlling base station 60. Thecontroller 600 reads out and runs various programs stored in storage 650to thereby realize various processes.

NAT unit 610 receives a packet from LTE base station unit 630, altersthe sender IP address and forwards the packet to home network interfaceunit 660 or interface unit 670 used for broadband access network, inaccordance with the destination IP address.

Similarly, the NAT unit also receives a packet from home networkinterface unit 660 or interface unit 670 used for broadband accessnetwork, alters the destination address and forwards the packet to LTEbase station unit 630.

Further, NAT 610 holds an address translation DB 612 as shown in FIG.12. Here, address translation DB 612 records the identifier of UE 70(UE1), pre-translation address of UE 70 (e.g., “UE1_HNP1” as the IPaddress prefix of UE 70) and the post-translation address of UE 70(e.g., “2001:100:200:4000::1) in a related manner.

LTE base station unit 630 is a functional unit that functions as an LTEbase station to accommodate UE 70. LTE base station unit 630 has anexternal antenna 635 connected thereto.

Storage 650 is a functional unit that stores programs, data and the likenecessary for various operations of home base station 60. The storage650 further stores packet filtering information 652 and an IP addresspool 654.

FIG. 13 is a table showing one example of packet filtering information652. This information stores the rule that determines whether packettransfer by home base station 60 is allowed or not for every offeredservice class (e.g., “class 1: internet connection” and the like) whenhome base station 60 offers local IP access functionality.

It is assumed, for example that information terminal 80 connected to thehome network is allottedwith an IPv6 address beginning with“2001:100:200:3000”.

For a case of class 1, transfer of all packets is allowed (“allow all”),then if the destination or sender IPv6 address of a packet begins with“2001:100:200:3000”, transfer of the packet is disallowed (“disallowIPv6==2001:100:200:3000::/64”). That is, the packet filtering assignedto this class 1 is applied, so that communication from UE 70 to the homenetwork and communication from the home network to UE 70 are shut out byhome base station 60.

On the other hand, for a case of class 2, transfer of all packets isshut out (“disallow all”), then if the destination or sender IPv6address of a packet begins with “2001:100:200:3000”, transfer of thepacket is allowed (“allow IPv6==2001:100:200:3000::/64”). As a result,only the communication between UE 70 and information terminal 80 insidethe home network is allowed.

FIG. 14 is a table showing one example of IP address pool 654, and homebase station 60 manages an IP address block (e.g., “2001:100:200::/48”or the like) assigned to home base station 60 by the operator offeringbroadband access service.

Then, it is assumed that home base station 60 gives assignment to UE 70that uses local IP access from this IP address block, and that, forexample IPv6 address prefix “2001:100:200:4000:/64” is allotted to UE70. Here, it is assumed that routing information has been set up on theinternet so that communication addressed to IP addresses belonging tothis IP address block is routed to home base station 60.

Home network interface unit 660 is a functional unit that performstransmission and reception of packets with other apparatus inside thehome network. Transmission and reception is performed through, forexample, Ethernet (registered trademark), which is generally used as anetwork connecting standard, or the like.

Interface unit 670 used for broadband access network is a functionalunit that performs transmission and reception of packets with thebroadband access network. Transmission and reception is performedthrough, for example ADSL, which is generally used as a networkconnecting standard, or the like.

[1.2.7 UE Configuration]

Next, the configuration of UE 70 as mobile station in the presentembodiment will be described. As a specific example of UE 70, mobileterminals that connect to the mobile communication system via radioaccess interface, PDAs and other terminals are presumed. As shown inFIG. 15, controller 700 is connected with an LTE interface unit 710, apacket transmitting/receiving unit 720, a storage 750 and a bearerestablishment processor 770 by a bus.

Controller 700 is a functional unit for controlling UE 70. Thecontroller reads out and runs various programs stored in storage 750 tothereby realize various processes.

LTE interface unit 710 is a functional unit with which UE 70 connects tohome base station 60. LTE interface unit 710 is connected with anexternal antenna 715.

Packet transmitting/receiving unit 720 is a functional unit forexchanging specific data (packets). The packet transmitting/receivingunit decomposes the data received from the superior layer into packetsso as to be transmitted. The packet transmitting/receiving unit alsorealizes the function of transferring the received packets to thesuperior layer.

Storage 750 is a functional unit that stores programs, data and the likenecessary for various operations of UE 70. Storage 750 also stores anAPN list 752.

APN list 752 stores APN as candidates for UE 70 when UE 70 connects tothe Internet. FIG. 16 is a data configurational example of APN list 752.In APN list 752, APN as candidates that UE 70 may use are managed on alist as shown in FIG. 16.

Bearer establishment processor 770 is a functional unit that executes aprocess for establishing an EPS bearer as a communication path to SGW 20inside the core network.

[1.2.8 Information Terminal Configuration]

Next, the configuration of information terminal 80 in the presentembodiment will be described. As shown in FIG. 17, information terminal80 includes a controller 800 to which a home network interface unit 810and a storage 850 are connected by a bus.

Controller 800 is a functional unit for controlling information terminal80. The controller 800 reads out and runs various programs stored instorage 850 to thereby realize various processes.

Home network interface unit 810 is a functional unit for exchangingpackets with other apparatus inside the home network. Transmission andreception of packets is performed through, for example, Ethernet(registered trademark), which is generally used as a network connectingstandard, or the like.

Storage 850 is a functional unit that stores programs, data and the likenecessary for various operations of information terminal 80.

[1.3 Description of processing]

Next, the procedures for UE 70 to use the core network and local IPaccess via home base station 60 in mobile communication system 1 shownin FIG. 1 will be described with reference to the drawings.

[1.3.1 Home Base Station Registering Process]

To begin with, the registering procedure of home base station 60 tomobile communication system 1 will be described using FIG. 18.

Home base station 60 transmits an S1 setup request to MME 40 (S100).Here, the S1 setup request is implemented to establish a communicationpath between LTE base station unit 630 of home base station 60 and MME40 so that home base station 60 can operate as abase station of mobilecommunication system 1, and includes a CSGID assigned to home basestation 60, and further includes LIPA (Local IP Access) Capabilityindicating that home base station 60 has local IP access functionality,differing from the conventional method. Then MME 40 transmits an S1setup response (S102). In this way, the registering process of home basestation 60 is completed.

[1.3.2 Process of UE Attachment to Home Base Station]

Next, the procedure in which UE 70 connects to the core network via homebase station 60 and is connected to a foreign PDN identified by the APNof “WEB”, will be described using FIG. 19.

First, in order to connect to the core network via home base station 60,UE 70 transmits an attach request to home base station 60, following theconfiguration technique defined in non-patent document 1 (S200). Theattach request includes a UE identifier (UE 1), an APN (“WEB”) toidentify the destination PDN, UE Capability that represents UE'sretention function, and the like.

Home base station 60 transmits a CSGID of itself (named “CSGID 1”, forexample) together with the received attach request, to MME 40 (S202).

MME 40, following the prior art method, extracts the UE identifierincluded in the attach request to perform user authentication andfurther transmits a positional information update request to HSS 30 toacquire the subscription data of UE 70 (S204).

HSS 30 extracts only the information whose UE identifier corresponds to“UE1”, from subscription DB 352 shown in FIG. 6, and transmits theextracted information by stuffing it in a positional information updateresponse, to MME 40 (S208). Here, differing from the conventionalmethod, not only the list of CSGIDs to which access right is beinggiven, but available service for each CSGID is also transmitted.

Then, MME 40 stores the extracted information into subscription DB 452of UE 70, as shown in FIG. 8 (S210).

Further, MME 40 compares CSGID (CSGID1) of home base station 60 to whichUE 70 is connecting, with the acquired subscription data (S212).Thereby, whether or not UE 70 has access right to connect to home basestation 60 is checked (S212). If the UE has no access right, MME 40transmits a refusal of attachment, to UE 70 by way of home base station60, and the attach process is ended as the attach process has beenfailed.

When the access right has been confirmed, MME 40 performs a PDNconnection establishment process for UE 70 that has been allowed toconnect (S214). The PDN connection is a logical path that is establishedbetween UE 70 and a PDN, is constructed of an EPS bearer establishedbetween home base station 60 and SGW 20 and a PMIP tunnel establishedbetween SGW 20 and PGW 10. The PDN connection establishment process iscarried out between UE 70, home base station 60, MME 40, SGW 20 and PGW10.

[1.3.3 PDN Connection Establishment Process]

Next, the PDN connection establishment process will be described withreference to FIG. 20.

First, MME 40 transmits a bearer setup request to SGW 20 (S400). Thebearer setup request includes a UE identifier (UE1) and an APN.

SGW 20 receives the bearer setup request, and transmits a binding updaterequest to PGW 10 in order to establish a PMIP tunnel between SGW 20 andPGW 10 (S402). The binding update request includes the UE identifier(UE1) and APN.

PGW 10 receives the binding update request, and allots an HNP to UE 70first, to generate binding information 152 as shown in FIG. 3 (S404).Here, it is assumed that “UE1_HNP1” is allotted as the HNP.

Further, PGW 10 establishes PMIP tunnel 1 between PGW 10 and SGW 20 andperforms such routing so as to forward to SGW 20 via PMIP tunnel 1 whenreceiving communication data directed to the HNP allotted for UE 70(S406). Then, PGW 10 returns a binding update response to SGW 20 (S408).This message includes the allotted HNP.

SGW 20 having received the binding update response transmits a bearersetup response to MME 40 (S410). Here, the bearer setup responseincludes the HNP.

MME 40 receives the bearer setup response, and refers to thesubscription data corresponding to UE 70, stored in subscription DB 452to check whether access right to local IP access is present or not(S411).

[1.3.3.1 Access Right Determining Process]

Now, the process of determining access right will be described using aflow chart shown in FIG. 21.

First, the CSGID of the destination home base station 60 to which UE 70is being connected is extracted (Step S1000). Then, the extracted CSGID(CSGID1) of home base station 60 is checked whether an S1 setup requestwas implemented as the home base station having local IP accessfunctionality, at Step S100 for the registering process of the home basestation (Step S1002). Here, when the S1 setup request has beenimplemented as not having local IP access functionality (Step S1002;No), it is determined that an attachment permission similar to theconventional method is to be transmitted to LTE base station unit 630,and the access right determining process is ended (Step S1012).

On the other hand, when an S1 setup request has been implemented ashaving local IP access functionality (Step S1002; Yes), the serviceavailable with the CSGID is extracted from subscription DB 452 (StepS1006). At this point, if access right has been given to at least one ofthe services (Step S1008; Yes), differing from the conventional methodit is determined that an attachment permission including the serviceclass to be described next is transmitted to LTE base station unit 630(Step S1010). If no access right has been given to any service class(Step S1008; No), MME 40 determines that an attachment permissionsimilar to the conventional method is transmitted to LTE base stationunit 630, and the access right determining process is ended (StepS1012). In this case, it is assumed that UE 70 cannot use local IPaccess.

The service class to be included in the attachment permission at StepS1010 should include any one of the following information, based on theaccess right information held in subscription DB 452.

Class 1: capable of using internet connection;

Class 2: capable of using home network connection; and

Class 3: capable of using internet connection and home networkconnection.

If, for example, only the connection to the home network is allowed,“Class 2” is stored as the service class.

[1.3.3.2 Communication Path Setup Process]

Next, returning to FIG. 20 once again, the following process will bedescribed.

After S411, based on the access right determining process, MME 40transmits an attachment permission to LTE base station unit 630 (S412).The attachment permission includes an APN and the service class based onthe result of the determining process. However, when no access right isgiven to any service based on the result of the determining process, thepermission does not include any service class.

LTE base station unit 630 receives the attachment permission, and refersto packet filtering information 652 of FIG. 13, based on the serviceclass if the service class is included, and implements a communicationpath setup process to be described next (S416). Then, whether eachcommunication data packet transmitted and received by home base station60 is forwarded or not is determined based on this communication pathsetup process.

FIGS. 22 and 23 show a flow chart of the communication path setupprocess, which will be described hereinbelow.

First, LTE base station unit 630 receives communication data (StepS2000) and determines whether the communication data has been receivedfrom UE 70 that is connecting to home base station 60 (Step S2002).

Herein, if the communication data is one that is received from UE 70(Step S2002; Yes), the destination address is extracted so as to referto packet filtering information 652, in accordance with the serviceclass of UE 70 (Step S2004). Then, it is determined whether thedestination address is one that is allowed or not (Step S2006).

If it was determined at Step S2006 that the destination address is onethat is allowed (Step S2006; Yes), the communication data is forwardedto NAT unit 610 (S2008), and this process is ended.

On the other hand, if it was determined at Step S2006 that thedestination address is one that is not allowed (Step S2006; No), it isfurther determined whether or not the destination address is one that isdirected to the home network (Step S2010). At this point, if thedestination is the address that is directed to the home address (StepS2010; Yes), the received communication data is discarded (Step S1012).If otherwise, the received data is forwarded to SGW 20 through the EPSbearer (S2014), and this process is ended.

When, at Step S2002, the reception at LTE base station unit 630 is notfrom UE 70 (Step S2002; No), it is determined whether or not thereception is by way of the EPS bearer (Step S2050 in FIG. 23). Then, ifit is determined that the reception is by way of the EPS bearer (StepS2050; Yes), the received communication data is transmitted to UE 70using LTE base station unit 630 (Step S2052), and this process is ended.

On the other hand, if it is determined at Step S2050 that the receptionis not obtained by way of the EPS bearer (Step 2050; No), UE 70 issearched based on the destination address and the pre-translationaddress in address translation DB 612 (Step S2054). Then, it isdetermined whether or not the corresponding UE is included in addresstranslation DB 612 (Step S2056).

At this point, when the corresponding UE is included in addresstranslation DB 612 (Step S2056; Yes), the sender address is extracted soas to refer to packet filtering information 652, in accordance with theservice class of the UE (Step S2058). Then, it is determined whether thesender address is one that is allowed (Step S2060). When the senderaddress is an allowed one (Step S2060; Yes), the communication data istransmitted to UE70, using LTE base station unit 630 (Step S2052), andthis process is ended.

When it is determined that the UE is not included at Step S2056 (StepS2056; No), or when the sender address is not an allowed one at StepS2060 (Step S2060; No), the received communication data is discarded andthe process is ended (Step S2062).

Further, after setup of a communication path is completed in thiscommunication path setup process, LTE base station unit 630 transmits anattachment permission to UE 70 (S422 in FIG. 20). Here, the attachmentpermission includes an APN and does not include the service class. Bythe above procedure, the PDN connection establishment process iscompleted.

[1.3.4 EPS Bearer Establishment Process]

Next, returning to FIG. 19 once again, the following process will bedescribed.

After the PDN connection establishment process (S241), UE 70 transmitsan RRC connection re-setting up complete message to LTE base stationunit 630 (S218).

Then, LTE base station unit 630 transmits a bearer setup response to MME40 (S220). MME 40 receives the bearer setup response and transmits abearer update request including the IP address of home base station 60to SGW 20 (S222).

SGW 20 transmits a bearer update response to MME 40 (S224), and acquiresthe IP address of home base station 60 to establish an EPS bearer.

Then, SGW 20 transmits a router advertisement stored with the HNPacquired from the PDN connection establishment process, to UE 70 (S226).

UE 70 takes out the HNP from the received router advertisement andgenerates an IPv6 address of itself using the HNP (S228).

By the above procedure, UE 70 completes EPS bearer establishment andforms such a state that transmission and reception of communication datausing PMIP tunnel 1 and the EPS bearer is enabled.

[1.3.5 Transmission and Reception Processes of UE's Communication Data]

When connecting to the internet by means of an application such as a WEBbrowser etc., or making use of home network connection service, UE 70transmits communication data to LTE base station unit 630 first (S230).

LTE base station unit 630 having the received communication data from UE70, selects a communication path for the received communication data,based on the above-described communication path setup process (StepS232). Then, when it has been determined based on the determination ofthe communication path setup process that communication data isforwarded to the SGW via the EPS bearer, the communication data istransferred via the EPS bearer and PMIP tunnel 1 and sent out to aforeign PDN (S234).

When, based on the determination of the communication path setup processUE 70 uses local IP access (S236) or it has been determined thatcommunication data is transferred to NAT unit 610, NAT unit 610implements a NAT process of altering the sender address of thecommunication data based on the address translation DB 612 (S238). Then,if the destination address is an address on the home network, thecommunication data is transmitted using home network interface unit 660.If otherwise, the communication data is transmitted using interface unit670 used for broadband access network.

If UE 70, defying the access right information, transmits communicationdata to the home network despite that the home network connectionservice via local IP access is not available, the communication data isdiscarded by the above-described communication path setup process at LTEbase station unit 630.

In this way, in the present embodiment, for the service using the localIP access functionality of the home base station, the owner of the homebase station and the mobile network operator can set up the access rightof each UE for each service, hence it is possible to realize varioususage scenarios of the home base station.

Further, the home base station can perform packet filtering based on theservice class for which access right is given to a UE. Even if a UE thatis not allowed to use home network connection service via local IPaccess, has transmitted communication data directed to the home network,intentionally or by mistake, the home base station can detect anddiscard the communication data. Further, the communication data directedin reverse is also packet filtered in accordance with the access right.

Further, when the UE has transmitted communication data directed to theinternet, the home base station determines whether the transmissionshould be performed via local IP access or via the core network, basedon the access right of the UE, so that no change in functionality isneeded for the UE to perform communication path selection.

Moreover, the MME stuffs the service class into the attachmentpermission to notify the home base station of the access right as tolocal IP access so as to perform access control of a UE in accordancewith that notified right. With this arrangement, the home base stationdoes not need to retain access right information for each UE.

Furthermore, the group identifier of an accessible home base station andaccess right information on local IP access for every UE are integrallymanaged in the subscriber information management apparatus, so that thisinformation is used for access control at the home base station. Withthis arrangement, it becomes possible for the owner of the home basestation and the mobile network operator to easily set up and manageaccess right information.

Although the present embodiment was described taking an example ofestablishing a PMIP tunnel by using a binding update request and abinding update response between PGW 10 and SGW 20, the invention shouldnot be limited to this. It is possible to use a method of establishing atransmission path that is equivalent to a PMIP tunnel by establishing aGTP (GPRS Tunneling Protocol) tunnel using a bearer establishmentrequest and a bearer establishment response, instead.

Further, though the present embodiment was described taking an exampleof a case where home base station 60 also includes as its constituent agateway to a broadband access network, the present invention should notbe limited to this. It is also possible to configure the interface unit670 used for broadband access network of home base station 60 and homenetwork interface unit 660 alone as a separate apparatus (which will bereferred to hereinbelow as home gateway) while home base station 60 mayinclude controller 600 to which NAT unit 610, LTE base station unit 630,storage 650 and home network interface unit 660 are connected by a bus.In this case, it is understood that home base station 60, the homegateway and information terminal 80 are mutually connected via the homenetwork interface.

Further, though the present invention was described taking an example ofa case where a UE performs communication using IPv6, a similar procedurecan be carried out in a case using IPv4 addresses. However, IPv4 globaladdresses are running out, so that it is expected to be difficult for anoperator of offering broadband access service to assign a large numberof IPv4 address blocks to individual home base stations. In this case,when internet connection through local IP access is used, it is presumedthat address translation based on NAT (Network Address Translation) isused. First, private address space such as 192.168.0.0/16 may be managedin the IP address pool inside the home base station so as to allot IPv4addresses to the UEs connecting to the home base station with Pv4addresses having a different subnet in the order of “192.168.1.1/netmask255.255.255.0”, “192.168.2.1/netmask 255.255.255.0”, “192.168.n.1/netmask 255.255.255.0” (n is 3 to 255), for example.

Further, though the present invention was described taking an example ofa case where home base station 60 is connected to SGW 20 and MME 40 byway of GW 50, the invention should not be limited to this; home basestation 60 may be directly connected to SGW 20 and MME 40.

2. The Second Embodiment

Next, the second embodiment of the present invention will be described.This embodiment has the same network configuration and apparatusconfiguration as those of the first embodiment, except for theconfiguration of home base station 60, so that detailed description ofthe other configurations than that of home base station 60 is omitted.

[2.1 Apparatus Configuration]

First, each apparatus configuration will be briefly described withreference to the drawings.

[2.2.1 Home Base Station]

The configuration of a home base station 62 in the present embodimentwill be described. FIG. 24 is a diagram showing one example of theconfiguration of home base station 62, which is different from theconfiguration of home base station 60 in the first embodiment in thataccess right information 656 is recorded in a storage 658 (650).

FIG. 25 is a diagram showing one example of access right information656, which shows a UE identifier (e.g., “UE1”) and available service(e.g., “class 1; internet connection disallowed”, “class 2: home networkconnection allowed”, and the like) for every UE that comes to connect tohome base station 62.

It is assumed that the owner of home base station 62 can modify thisaccess right information 656, e.g., add new information of another UE,modify the available service for a particular UE.

Here, it is assumed that when information is added or modified, theinformation is synchronized with that written in subscription DB 352 ofHSS 30 shown in FIG. 6. As an information synchronizing means, when, forexample, any change in access right information takes place, home basestation 62 may give notice to HSS 30, or subscription DB 352 of HSS 30may be changed first, then HSS 30 may give notice to home base station62.

The other configurations are the same as home base station 60 of thefirst embodiment described with FIG. 11, so that detailed description isomitted.

[2.2 Description of Processing]

First, similarly to the first embodiment, home base station 62 performsa procedure of registration to mobile communication system 1. Theregistering procedure is the same as that in the first embodiment sothat description is omitted.

UE 70 next performs an attach process via home base station 62. Thedifference from the first embodiment herein resides in the PDNconnection establishment process. Next, the PDN connection establishmentprocess of the present embodiment will be described.

[2.2.1 PDN Connection Establishment Process]

FIG. 26 shows a PDN connection establishment process.

First, MME 40 transmits a bearer setup request to SGW 20 (S500). Thebearer setup request includes a UE identifier (UE1) and an APN.

SGW 20 receives the bearer setup request, and transmits a binding updaterequest to PGW 10 in order to establish a PMIP tunnel between SGW 20 andPGW 10 (S502). The binding update request includes the UE identifier(UE1) and APN.

PGW 10 receives the binding update request, and allots an HNP to UE 70first, to generate binding information as shown in FIG. 3 (S504).

Further, PGW 10 establishes PMIP tunnel 1 between PGW 10 and SGW 20 andperforms such routing so as to forward to SGW 20 via PMIP tunnel 1 whenreceiving communication data directed to the HNP allotted for UE 70(S506). Then, PGW 10 returns a binding update response to SGW 20 (S508).This message includes the allotted HNP.

SGW 20 having received the binding update response transmits a bearersetup response to MME 40 (S510). Here, the bearer setup responseincludes the HNP.

Then, MME 40 receives the bearer setup response. Differing from thefirst embodiment, the MME, not determining whether the access right tolocal IP access is present or not, transmits an attachment permissionincluding an APN alone to LTE base station unit 630 (S512).

LTE base station unit 630 receives the attachment permission and checkswhether UE 70 has access right to local IP access or not (S514). Thedetermining process implemented herein is the same as the access rightdetermining process, illustrated in FIG. 21, performed by the MME 40 inthe first embodiment, except in that the process is performed based onaccess right information 656 held by home base station 62, instead ofreferring to subscription DB 452 of MME 40.

Further, LTE base station unit 630 implements a communication path setupprocess, based on the service class based on the access right of UE 70and packet filtering information 652, to determine whether each ofcommunication data can be forwarded or not (S516).

The communication path setup process is also the same as that in thefirst embodiment, except in that the process is implemented based onaccess right information 656 stored in home base station 62.

After completion of setting up the communication path, LTE base stationunit 630 transmits an attachment permission to UE 70 (S522). From theabove process, the PDN connection establishment procedure is completed.

The processing afterwards is the same as that in the first embodiment,so that description is omitted.

In this way, according to the second embodiment, since the home basestation as well as HSS holds access right information on each UE, it isno longer necessary to add the service class as an extra step when theMME transmits the attachment permission to the LTE base station unit, itis hence possible to minimize addition of functionality to the MME.

As the embodiments of this invention have been detailed heretofore withreference to the drawings, the specific configuration should not belimited to the embodied modes. Designs and others that do not departfrom the gist of this invention should also be included in the scope ofclaims.

As stated above, the present embodiment can be described as follows.

A mobile communication system of the present embodiment is a mobilecommunication system in which a home network having a home base stationto which a mobile terminal is connected and a core network to which asubscriber information management apparatus, a position managementapparatus and an access control apparatus are connected, are connectedvia a foreign network, wherein the subscriber information managementapparatus includes: a subscription storage that stores, as subscriptioninformation, a group identifier for identifying a home base station anda service class available for the mobile terminal, in correspondencewith a mobile terminal identifier for identifying the mobile terminal; apositional information update request receiver for receiving apositional information update request of the mobile terminal from theposition management apparatus; and, a positional information responsetransmitter that extracts a service class corresponding to a mobileterminal identifier included in the positional information updaterequest, from the subscription storage and transmits a positionalinformation update response included with the extracted service class tothe position management apparatus.

A subscriber information management apparatus of the present embodimentis a subscriber information management apparatus included in a mobilecommunication system in which a home network having a home base stationto which a mobile terminal is connected and a core network to which thesubscriber information management apparatus, a position managementapparatus and an access control apparatus are connected, are connectedvia a foreign network, comprising: a subscription storage that stores,as subscription information, a group identifier for identifying a homebase station and a service class available for a mobile terminal via ahome base station, in correspondence with a mobile terminal identifierfor identifying the mobile terminal; a positional information updaterequest receiver for receiving a positional information update requestof the mobile terminal from a position management apparatus; and, apositional information response transmitter that extracts the serviceclass corresponding to the mobile terminal identifier included in thepositional information update request, from the subscription storage andtransmits a positional information update response included with theextracted service class to the position management apparatus.

The subscriber information management apparatus of the presentembodiment is characterized in that the service class available for themobile terminal, included in the subscription information shows whetheror not the mobile terminal is allowed to connect to an Internet andwhether or not the mobile terminal is allowed to connect to the homenetwork.

A position management apparatus of the present embodiment is a positionmanagement apparatus included in a mobile communication system in whicha home network having a home base station to which a mobile terminal isconnected and a core network to which a subscriber informationmanagement apparatus, the position management apparatus and an accesscontrol apparatus are connected, are connected via a foreign network,comprising: an attach request receiver for receiving an attach requestincluding a mobile terminal identifier from a mobile terminal; apositional information update request transmitter that extracts a mobileterminal identifier from the attach request and transmits a positionalinformation update request including the mobile terminal identifier, toa subscriber information management apparatus; a positional informationupdate response receiver for receiving a positional information updateresponse including a service class available service for the mobileterminal, from the subscriber information management apparatus; and anattach request allow/disallow decider that extracts the service classfrom the positional information update response and decides whether ornot an attach request from the mobile terminal is acceptable, based onthe available service.

A home base station of the present embodiment is a home base stationincluded in a mobile communication system in which a home network havingthe home base station to which a mobile terminal is connected and a corenetwork to which a subscriber information management apparatus, aposition management apparatus and an access control apparatus areconnected, are connected via a foreign network, comprising: anattachment permission receiver for receiving an attachment permissionincluding a service class, from the position management apparatus; apacket filtering storage for storing packet filtering information inaccordance with the service class in order to control communication of amobile terminal; and, a communication path controller for performingcommunication path selection control on a mobile terminal beingconnected, based on the service class included in the attachmentpermission and the packet filtering information.

A home base station of the present embodiment is a home base stationincluded in a mobile communication system in which a home network havingthe home base station to which a mobile terminal is connected and a corenetwork to which a subscriber information management apparatus, aposition management apparatus and an access control apparatus areconnected, are connected via a foreign network, comprising: a local IPaccess functionality retention notifier for notifying a positionmanagement apparatus that the home base station is equipped with localIP access functionality.

-   1 mobile communication system    -   10 PGW        -   100 controller        -   110 transmitting/receiving unit        -   120 packet transmitting/receiving unit        -   150 storage            -   152 binding information        -   160 PMIP processor    -   20 SGW        -   200 controller        -   210 transmitting/receiving unit        -   220 packet transmitting/receiving unit        -   250 storage        -   260 PMIP processor        -   270 bearer establishment processor    -   30 HSS        -   300 controller        -   310 transmitting/receiving unit        -   350 storage            -   352 subscription DB    -   40 MME        -   400 controller        -   410 transmitting/receiving unit        -   450 storage            -   452 subscription DB            -   454 APN-IP address translation DB    -   50 GW        -   500 controller        -   510 transmitting/receiving unit        -   520 packet transmitting/receiving unit        -   550 storage    -   60, 62 home base station        -   600 controller        -   610 NAT unit            -   612 address translation DB        -   630 LTE base station unit            -   635 external antenna        -   650, 658 storage            -   652 packet filtering information            -   654 IP address pool            -   656 access right information        -   660 home network interface unit        -   670 interface unit used for broadband access network    -   70 UE        -   700 controller        -   710 LTE interface unit            -   715 external antenna        -   720 packet transmitting/receiving unit        -   750 storage            -   752 APN list        -   770 bearer establishment processor    -   80 information terminal        -   800 controller        -   810 home network interface unit        -   850 storage

1. A base station in a mobile communication system, wherein the mobilecommunication system is configured to include the base station; asubscriber information management apparatus; a position managementapparatus; an access control apparatus; and a mobile station, the basestation comprising: a receiving circuitry configured to receive anattach procedure from a mobile station; and a transmitting circuitryconfigured to receive the attach procedure from the mobile station andtransmit a signal regarding the attach procedure to a positionmanagement apparatus, wherein when the mobile station is allowed a localIP access (LIPA) to connect to a network to which the base stationconnects without passing through a core network, the receiving circuitryreceives an attachment acceptance including at least a service classfrom the position management apparatus, and the base station performs,by using the local IP access, a data reception and transmission withbetween the network to which the base station connects without passingthrough the core network.
 2. The base station according to claim 1,wherein the transmitting circuitry transmits, to the position managementapparatus, the signal regarding the attach procedure along with a ClosedSubscriber Group Identification (CSGID), based on the reception of theattach procedure from the mobile station.
 3. The base station accordingto claim 1, wherein the service class is information indicatingpermission that enables the local IP access to connect only to thenetwork to which the base station connects without passing through thecore network.
 4. The base station according to claim 1, wherein afterreceiving the attachment acceptance including the service class, thebase station transmits an attachment acceptance to the mobile station.5. The base station according to claim 1, wherein the transmittingcircuitry transmits the signal regarding the attach procedure includingfirst information corresponding to the network to which the base stationconnects without passing through the core network.
 6. The base stationaccording to claim 5, wherein the first information is informationprovided by the mobile station.
 7. The base station according to claim5, wherein the transmitting circuitry transmits a signal regarding theattach procedure including second information differing from the firstinformation and corresponding to the local IP access to connect to anInternet.
 8. The base station according to claim 6, wherein thetransmitting circuitry transmits a signal regarding the attach procedureincluding second information differing from the first information andcorresponding to the local IP access to connect to an Internet.
 9. Thebase station according to claim 7, wherein the second information isinformation provided by the mobile station.
 10. The base stationaccording to claim 8, wherein the second information is informationprovided by the mobile station.
 11. The base station according to claim4, wherein the service class is information indicating permission thatenables the local IP access to connect only to an Internet.
 12. A mobilestation in a mobile communication system, wherein the mobilecommunication system is configured to include a base station; asubscriber information management apparatus; a position managementapparatus; an access control apparatus; and the mobile station, themobile station comprising: a transmitting circuitry configured totransmit an attach procedure to a base station; and a receivingcircuitry configured to receive an attachment acceptance from the basestation, wherein when the mobile station is allowed a local IP access(LIPA) to connect to a network to which the base station connectswithout passing through a core network, the mobile station performs, byusing the local IP access, a data reception and transmission withbetween the network to which the base station connects without passingthrough the core network.
 13. The mobile station according to claim 12,wherein the transmitting circuitry transmits an attach procedureincluding first information corresponding to the network to which thebase station connects without passing through the core network.
 14. Themobile station according to claim 13, wherein the transmitting circuitrytransmits the attach procedure including second information differingfrom the first information and corresponding to the local IP access toconnect to an Internet.
 15. A position management apparatus in a mobilecommunication system, wherein the mobile communication system isconfigured to include a base station; a subscriber informationmanagement apparatus; the position management apparatus; an accesscontrol apparatus; and a mobile station, the position managementapparatus comprising: a receiving circuitry configured to receive asignal regarding an attach procedure including first informationcorresponding to a local IP access (LIPA) to connect to a network towhich a base station connects without passing through a core network;and a transmitting circuitry configured to transmit an attachmentacceptance along with a service class, wherein the position managementapparatus is configured to store or obtain third information indicatingwhether or not the local IP access to connect only to the network towhich the base station connects without passing through the corenetwork, is allowed, the position management apparatus is configured toconfirm permission, based on the first information and the thirdinformation, whether or not the local IP access to connect to thenetwork to which the base station connects without passing through thecore network is allowed, the service class is the information indicatingthe permission that enables the local IP access to connect only to thenetwork to which the base station connects without passing through thecore network in case that the position management apparatus confirmpermission that the local IP access to connect to the network to whichthe base station connects without passing through the core network isallowed, the first information is at least used for the mobile stationto request an establishment of a connectivity corresponding to the localIP access.
 16. The position management apparatus according to claim 15,wherein the signal regarding the attach procedure includes a ClosedSubscriber Group Identification (CSGID).
 17. A mobile communicationsystem comprising: a base station; a subscriber information managementapparatus; a position management apparatus; an access control apparatus;and a mobile station, wherein the base station is comprised of: areceiving circuitry configured to receive an attach procedure from themobile station; and a transmitting circuitry configured to receive theattach procedure from the mobile station and transmit a signal regardingthe attach procedure to the position management apparatus, wherein whenthe mobile station is allowed a local IP access (LIPA) to connect to anetwork to which the base station connects without passing through acore network, the receiving circuitry receives an attachment acceptanceincluding at least a service class from the position managementapparatus, and the base station performs, by using the local IP access,a data reception and transmission with between the network to which thebase station connects without passing through the core network, themobile station is comprised of: a transmitting circuitry configured totransmit the attach procedure to the base station; and a receivingcircuitry configured to receive the attachment acceptance from the basestation, wherein when the mobile station is allowed the local IP access(LIPA) to connect to the network to which the base station connectswithout passing through the core network, the mobile station performs,by using the local IP access, a data reception and transmission withbetween the network to which the base station connects without passingthrough the core network, the position management apparatus is comprisedof: a receiving circuitry configured to receive the signal regarding theattach procedure including first information corresponding to the localIP access (LIPA) to connect to the network to which the base stationconnects without passing through the core network; and a transmittingcircuitry configured to transmit the attachment acceptance along withthe service class, wherein the position management apparatus isconfigured to store or obtain third information indicating whether ornot the local IP access to connect only to the network to which the basestation connects without passing through the core network, is allowed,the position management apparatus is configured to confirm permission,based on the first information and the third information, whether or notthe local IP access to connect to the network to which the base stationconnects without passing through the core network is allowed, theservice class is the information indicating the permission that enablesthe local IP access to connect only to the network to which the basestation connects without passing through the core network in case thatthe position management apparatus confirm permission that the local IPaccess to connect to the network to which the base station connectswithout passing through the core network is allowed, the firstinformation is at least used for the mobile station to request anestablishment of a connectivity corresponding to the local IP access.18. A communication method in a base station of a mobile communicationsystem, wherein the mobile communication system is configured to includethe base station; a subscriber information management apparatus; aposition management apparatus; an access control apparatus; and a mobilestation, the communication method comprising: receiving an attachprocedure from a mobile station; and receiving the attach procedure fromthe mobile station and transmit a signal regarding the attach procedureto a position management apparatus, wherein when the mobile station isallowed a local IP access (LIPA) to connect to a network to which thebase station connects without passing through a core network, the basestation receives an attachment acceptance including at least a serviceclass from the position management apparatus, and the base stationperforms, by using the local IP access, a data reception andtransmission with between the network to which the base station connectswithout passing through the core network.
 19. The communication methodaccording to claim 18, further comprising: transmitting, to the positionmanagement apparatus, the signal regarding the attach procedure alongwith a Closed Subscriber Group Identification (CSGID), based on thereception of the attach procedure from the mobile station.
 20. Thecommunication method according to claim 18, wherein the service class isinformation indicating permission that enables the local IP access toconnect only to the network to which the base station connects withoutpassing through the core network.
 21. The communication method accordingto claim 18, wherein after receiving the attachment acceptance includingthe service class, the base station transmits an attachment acceptanceto the mobile station.
 22. The communication method according to claim18, further comprising: transmitting the signal regarding the attachprocedure including first information corresponding to the network towhich the base station connects without passing through the corenetwork.
 23. The communication method according to claim 22, wherein thefirst information is information provided by the mobile station.
 24. Thecommunication method according to claim 22, further comprising:transmitting a signal regarding the attach procedure including secondinformation differing from the first information and corresponding tothe local IP access to connect to an Internet.
 25. The communicationmethod according to claim 23, further comprising: transmitting a signalregarding the attach procedure including second information differingfrom the first information and corresponding to the local IP access toconnect to an Internet.
 26. The communication method according to claim24, wherein the second information is information provided by the mobilestation.
 27. The communication method according to claim 25, wherein thesecond information is information provided by the mobile station. 28.The communication method according to claim 21, wherein the serviceclass is information indicating permission that enables the local IPaccess to connect only to an Internet.
 29. A communication method in amobile station of a mobile communication system, wherein the mobilecommunication system is configured to include a base station; asubscriber information management apparatus; a position managementapparatus; an access control apparatus; and the mobile station, thecommunication method comprising: transmitting an attach procedure to abase station; and receiving an attachment acceptance from the basestation, wherein when the mobile station is allowed a local IP access(LIPA) to connect to a network to which the base station connectswithout passing through a core network, the mobile station performs, byusing the local IP access, a data reception and transmission withbetween the network to which the base station connects without passingthrough the core network.
 30. The communication method according toclaim 29, further comprising: transmitting an attach procedure includingfirst information corresponding to the network to which the base stationconnects without passing through the core network.
 31. The communicationmethod according to claim 30, further comprising: transmitting theattach procedure including second information differing from the firstinformation and corresponding to the local IP access to connect to anInternet.
 32. A communication method in a position management apparatusof a mobile communication system, wherein the mobile communicationsystem is configured to include a base station; a subscriber informationmanagement apparatus; the position management apparatus; an accesscontrol apparatus; and a mobile station, the communication methodcomprising: receiving a signal regarding an attach procedure includingfirst information corresponding to a local IP access (LIPA) to connectto a network to which a base station connects without passing through acore network; and transmitting an attachment acceptance along with aservice class, storing or obtaining third information indicating whetheror not the local IP access to connect only to the network to which thebase station connects without passing through the core network, isallowed, and confirming permission, based on the first information andthe third information, whether or not the local IP access to connect tothe network to which the base station connects without passing throughthe core network is allowed, wherein the service class is theinformation indicating the permission that enables the local IP accessto connect only to the network to which the base station connectswithout passing through the core network in case that the positionmanagement apparatus confirm permission that the local IP access toconnect to the network to which the base station connects withoutpassing through the core network is allowed, and the first informationis at least used for the mobile station to request an establishment of aconnectivity corresponding to the local IP access.
 33. The communicationmethod according to claim 30, wherein the signal regarding the attachprocedure includes a Closed Subscriber Group Identification (CSGID).